← Back

CVE-2025-20952

nvd nist
Published: Apr 9, 2025Modified: Feb 2, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: mobile.security@samsung.com (Secondary)

Description

Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege.

Affected (3)

Products: Samsung: Android
Samsung
1 product
Android
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Samsung
Android
Version 15.0 smr-feb-2025-r1
Android
Version 15.0 smr-jan-2025-r1
Android
Version 15.0 smr-mar-2025-r1

References (1)

Source: mobile.security@samsung.com
Vendor Advisory

Timeline

No history available yet.